CVE-2020-1322

MEDIUM

Microsoft Project - Information Disclosure via Out-of-Bounds Read

Title source: llm
STIX 2.1

Description

An information disclosure vulnerability exists when Microsoft Project reads out of bound memory due to an uninitialized variable, aka 'Microsoft Project Information Disclosure Vulnerability'.

References (1)

Core 1
Core References

Scores

CVSS v3 6.5
EPSS 0.0548
EPSS Percentile 91.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Details

CWE
CWE-125 CWE-908
Status published
Products (5)
microsoft/365_apps
microsoft/office 2019
microsoft/project 2010 sp2
microsoft/project 2013 sp1
microsoft/project 2016
Published Jun 09, 2020
Tracked Since Feb 18, 2026